Gulf banks boost data security

Employees at a bank branch in Dubai. The Gulf banks have become increasingly proactive about IT security in the past few years. (AFP)

By

Waheed Abbas and Nancy Sudheer

PublishedSunday, April 18, 2010

Pushed by the central banks, Gulf banks are increasingly putting in place advanced information security systems to protect their customers' data, according to global management systems and certification solutions institutions.

Omar Rashid, Sales and Marketing Manager, Middle East and Africa at British Standards Institution (BSI), said: "What we have seen is that central banks are advising banks to go to certain standards. Oman central bank has told banks to make certain standards mandatory and ensure more stringent security and information system after the recent cyclone affected banks' operations. Because a lot of information was lost, the money was lost. The banks will start losing instantly when an online bank system goes down. And this is something they need to protect. So the more standards they have in place the more it will help them to come out of the crisis quickly and in a better shape," he added.

Sudharshan B, lead auditor and trainer at DNV Business Assurance, said International Organisation for Standardisation (ISO) certifications are mandatory in places such as Europe.

"Data privacy acts are relevant in countries there as information about people cannot be revealed. In our region, as call centres and outsourcing companies set up base, it is important to get these laws in place," said Sudharshan.

The UAE, Saudi Arabia and Kuwait are in the forefront of obtaining ISO 27001 certifications, he added.

With awareness increasing in the past two to three years, both the government and the banking sector have become more proactive about IT security and information. "Government bodies are pushing best practices in IT and information security. The banking sector, beginning last year, has been trying to put its house in order after cyber security came under the scanner," said Ahmad Al Khatib, GM at BSI.

BSI currently holds 45 per cent of the total number of certificates issued worldwide, while in the UAE it holds more than 15 licences, along with projects currently underway.

Even bodies such as DNV and BSI have only recently witnessed some growth in organisations applying for certifications. DNV said it has seen a growth of at least 30 per cent over the past two years from the Middle East, while BSI said certifications have increased by 15 to 20 per cent in the past three years.

Globally, growth was up to 19 per cent between 2006 and 2007. Slower growth was reported in the UAE during the same period, but between 2007 and 2008 ISO 27001:2005 certifications reportedly grew by 80 per cent in the country.